Loading changes/ticket40476 0 → 100644 +8 −0 Original line number Diff line number Diff line o Major feature (onion service v2): - Tor does NOT allow anymore to create v2 services, to connect as a client to a v2 service and for a relay to be a v2 HSDir or introduction point. This effectively disable onion service version 2 tor wide. Closes 40476. - The control port command HSFETCH and HSPOST don't allow version 2 as well. It is also not possible to create a v2 service with ADD_ONION. - See https://blog.torproject.org/v2-deprecation-timeline for details on how to transition from v2 to v3. src/core/or/connection_edge.c +1 −27 Original line number Diff line number Diff line Loading @@ -1612,23 +1612,6 @@ consider_plaintext_ports(entry_connection_t *conn, uint16_t port) return 0; } /** Return true iff <b>query</b> is a syntactically valid service ID (as * generated by rend_get_service_id). */ static int rend_valid_v2_service_id(const char *query) { /** Length of 'y' portion of 'y.onion' URL. */ #define REND_SERVICE_ID_LEN_BASE32 16 if (strlen(query) != REND_SERVICE_ID_LEN_BASE32) return 0; if (strspn(query, BASE32_CHARS) != REND_SERVICE_ID_LEN_BASE32) return 0; return 1; } /** Parse the given hostname in address. Returns true if the parsing was * successful and type_out contains the type of the hostname. Else, false is * returned which means it was not recognized and type_out is set to Loading Loading @@ -1692,14 +1675,6 @@ parse_extended_hostname(char *address, hostname_type_t *type_out) if (q != address) { memmove(address, q, strlen(q) + 1 /* also get \0 */); } /* v2 onion address check. */ if (strlen(query) == REND_SERVICE_ID_LEN_BASE32) { *type_out = ONION_V2_HOSTNAME; if (rend_valid_v2_service_id(query)) { goto success; } goto failed; } /* v3 onion address check. */ if (strlen(query) == HS_SERVICE_ADDR_LEN_BASE32) { Loading 
@@ -1719,8 +1694,7 @@ parse_extended_hostname(char *address, hostname_type_t *type_out) failed: /* otherwise, return to previous state and return 0 */ *s = '.'; const bool is_onion = (*type_out == ONION_V2_HOSTNAME) || (*type_out == ONION_V3_HOSTNAME); const bool is_onion = (*type_out == ONION_V3_HOSTNAME); log_warn(LD_APP, "Invalid %shostname %s; rejecting", is_onion ? "onion " : "", safe_str_client(address)); Loading src/feature/dircache/dircache.c +2 −0 Original line number Diff line number Diff line Loading @@ -1569,6 +1569,8 @@ directory_handle_command_post,(dir_connection_t *conn, const char *headers, char *url = NULL; const or_options_t *options = get_options(); (void) body_len; log_debug(LD_DIRSERV,"Received POST command."); conn->base_.state = DIR_CONN_STATE_SERVER_WRITING; Loading src/feature/hs/hs_config.c +6 −2 Original line number Diff line number Diff line Loading @@ -159,8 +159,12 @@ static bool check_value_oob(int i, const char *name, int low, int high) { if (i < low || i > high) { if (low == high) { log_warn(LD_CONFIG, "%s must be %d, not %d.", name, low, i); } else { log_warn(LD_CONFIG, "%s must be between %d and %d, not %d.", name, low, high, i); } return true; } return false; Loading src/test/test_hs_common.c +4 −6 Original line number Diff line number Diff line Loading 
@@ -808,13 +808,11 @@ test_parse_extended_hostname(void *arg) tt_assert(parse_extended_hostname(address4, &type)); tt_int_op(type, OP_EQ, NORMAL_HOSTNAME); tt_assert(parse_extended_hostname(address5, &type)); tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME); tt_str_op(address5, OP_EQ, "abcdefghijklmnop"); tt_assert(!parse_extended_hostname(address5, &type)); tt_int_op(type, OP_EQ, BAD_HOSTNAME); tt_assert(parse_extended_hostname(address6, &type)); tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME); tt_str_op(address6, OP_EQ, "abcdefghijklmnop"); tt_assert(!parse_extended_hostname(address6, &type)); tt_int_op(type, OP_EQ, BAD_HOSTNAME); tt_assert(!parse_extended_hostname(address7, &type)); tt_int_op(type, OP_EQ, BAD_HOSTNAME); Loading Loading
changes/ticket40476 0 → 100644 +8 −0 Original line number Diff line number Diff line o Major feature (onion service v2): - Tor does NOT allow anymore to create v2 services, to connect as a client to a v2 service and for a relay to be a v2 HSDir or introduction point. This effectively disable onion service version 2 tor wide. Closes 40476. - The control port command HSFETCH and HSPOST don't allow version 2 as well. It is also not possible to create a v2 service with ADD_ONION. - See https://blog.torproject.org/v2-deprecation-timeline for details on how to transition from v2 to v3.
src/core/or/connection_edge.c +1 −27 Original line number Diff line number Diff line Loading @@ -1612,23 +1612,6 @@ consider_plaintext_ports(entry_connection_t *conn, uint16_t port) return 0; } /** Return true iff <b>query</b> is a syntactically valid service ID (as * generated by rend_get_service_id). */ static int rend_valid_v2_service_id(const char *query) { /** Length of 'y' portion of 'y.onion' URL. */ #define REND_SERVICE_ID_LEN_BASE32 16 if (strlen(query) != REND_SERVICE_ID_LEN_BASE32) return 0; if (strspn(query, BASE32_CHARS) != REND_SERVICE_ID_LEN_BASE32) return 0; return 1; } /** Parse the given hostname in address. Returns true if the parsing was * successful and type_out contains the type of the hostname. Else, false is * returned which means it was not recognized and type_out is set to Loading Loading @@ -1692,14 +1675,6 @@ parse_extended_hostname(char *address, hostname_type_t *type_out) if (q != address) { memmove(address, q, strlen(q) + 1 /* also get \0 */); } /* v2 onion address check. */ if (strlen(query) == REND_SERVICE_ID_LEN_BASE32) { *type_out = ONION_V2_HOSTNAME; if (rend_valid_v2_service_id(query)) { goto success; } goto failed; } /* v3 onion address check. */ if (strlen(query) == HS_SERVICE_ADDR_LEN_BASE32) { Loading @@ -1719,8 +1694,7 @@ parse_extended_hostname(char *address, hostname_type_t *type_out) failed: /* otherwise, return to previous state and return 0 */ *s = '.'; const bool is_onion = (*type_out == ONION_V2_HOSTNAME) || (*type_out == ONION_V3_HOSTNAME); const bool is_onion = (*type_out == ONION_V3_HOSTNAME); log_warn(LD_APP, "Invalid %shostname %s; rejecting", is_onion ? "onion " : "", safe_str_client(address)); Loading
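Review bot: With the v2 branch removed, a 16-character v2 name never sets `*type_out` to an onion type, so in the `failed:` block `is_onion` is false and the user only sees "Invalid hostname ...; rejecting", with nothing saying the name is a retired v2 onion address. The updated unit test suggests such names now end up as BAD_HOSTNAME. If so, a dedicated warning for that case would make the rejection diagnosable, and at minimum a comment above the v3 check such as `/* v2 (16-char) onion addresses are no longer supported and fall through to failed. */` would record the intent. Any new message should keep `safe_str_client()` so the address stays scrubbed in logs. parse_extended_hostname starts and ends outside these hunks, so the fall-through path is inferred rather than visible.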
src/feature/dircache/dircache.c +2 −0 Original line number Diff line number Diff line Loading @@ -1569,6 +1569,8 @@ directory_handle_command_post,(dir_connection_t *conn, const char *headers, char *url = NULL; const or_options_t *options = get_options(); (void) body_len; log_debug(LD_DIRSERV,"Received POST command."); conn->base_.state = DIR_CONN_STATE_SERVER_WRITING; Loading
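Review bot: `(void) body_len;` silences the unused-parameter warning without saying why the length is no longer needed, and the handler presumably still reads `body` in code outside this hunk. A one-line comment such as `/* body_len is unused now that v2 descriptor uploads are gone; kept for the handler signature. */` would document it, if that is indeed the reason. It is also worth confirming that every remaining POST path that consumes `body` relies only on NUL-terminated data, since nothing in this function bounds reads by the length any more. The body of directory_handle_command_post continues outside the hunk.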
src/feature/hs/hs_config.c +6 −2 Original line number Diff line number Diff line Loading @@ -159,8 +159,12 @@ static bool check_value_oob(int i, const char *name, int low, int high) { if (i < low || i > high) { if (low == high) { log_warn(LD_CONFIG, "%s must be %d, not %d.", name, low, i); } else { log_warn(LD_CONFIG, "%s must be between %d and %d, not %d.", name, low, high, i); } return true; } return false; Loading
src/test/test_hs_common.c +4 −6 Original line number Diff line number Diff line Loading @@ -808,13 +808,11 @@ test_parse_extended_hostname(void *arg) tt_assert(parse_extended_hostname(address4, &type)); tt_int_op(type, OP_EQ, NORMAL_HOSTNAME); tt_assert(parse_extended_hostname(address5, &type)); tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME); tt_str_op(address5, OP_EQ, "abcdefghijklmnop"); tt_assert(!parse_extended_hostname(address5, &type)); tt_int_op(type, OP_EQ, BAD_HOSTNAME); tt_assert(parse_extended_hostname(address6, &type)); tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME); tt_str_op(address6, OP_EQ, "abcdefghijklmnop"); tt_assert(!parse_extended_hostname(address6, &type)); tt_int_op(type, OP_EQ, BAD_HOSTNAME); tt_assert(!parse_extended_hostname(address7, &type)); tt_int_op(type, OP_EQ, BAD_HOSTNAME); Loading
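Review bot: The rewritten checks for address5 and address6 drop the `tt_str_op` assertions, so nothing verifies what parse_extended_hostname leaves in the buffer when it rejects a v2 name. The `failed:` path in connection_edge.c says it returns the address to its previous state, yet the subdomain-stripping `memmove` runs before the length checks, so the buffer may differ from the input if these addresses carry a subdomain (their declarations are outside the hunk). Adding `tt_str_op(address5, OP_EQ, "<expected buffer after rejection>");` after each BAD_HOSTNAME check, and the same for address6, would pin down that behavior. It would also pin the string that ends up in the rejection warning.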